<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";

// Friends-list page: the viewer must be logged in, a user id must be given
// in the query string, and that id must exist in `users`.
confirm_user_logged_in();

// Both rejections go through set_error_output(); whether that helper halts
// the script is not visible here, so later code in this file should not
// assume a failed check stopped rendering.
if (!isset($_GET["user"])) {
    set_error_output("User not selected. ");
} elseif (!check_existance_by_id("users", "id", $_GET["user"])) {
    // The raw query value is passed straight to the lookup helper; it is
    // presumably escaped/parameterised inside — verify in functions.php.
    set_error_output("User does not exist. ");
}

include "../includes/layouts/header.php";
?>
<div class="row">
	<div class="large-12 columns">
		<div class="panel">
			<h4>Friends</h4>
			<?php
// Render the friends table for the selected user, then — for the profile
// owner only — the link that reveals the delete-friends controls.
echo '<div id="friends_result_table"> ';
make_friends_table($_GET["user"]); // raw query value; validated earlier in this file
echo '</div>';

// Loose == is kept: the session id and the query value may not share a type.
// This only decides what the page shows; a delete endpoint must re-check
// ownership server-side rather than trust this link's presence.
$viewer_is_owner = $_SESSION["user_id"] == $_GET["user"];
if ($viewer_is_owner) {
    echo '<a id="delete_friends_link"> Delete friends </a> ';
}
?>
			<script src="javascripts/vendor/jquery.js"></script>
			<script src="javascripts/search_functions.js"> </script>
			<script> make_pages("#friends_result_table"); </script>
			
    $query .= " activation = '{$activation}' ";
    $query .= "LIMIT 1 ";
    $result = mysqli_query($connection, $query);
    if ($result && mysqli_affected_rows($connection) > 0) {
        $user_id = mysqli_fetch_assoc($result)["id"];
        $password = password_encrypt($_POST["password"]);
        $query = "UPDATE users ";
        $query .= "SET password = '******' ";
        $query .= "WHERE id = {$user_id} ";
        $query .= "LIMIT 1 ";
        $result = mysqli_query($connection, $query);
        if (!$result || mysqli_affected_rows($connection) <= 0) {
            set_error_output("Reset password failed.");
        }
    } else {
        set_error_output("Reset password failed.");
    }
}
?>

<?php
// Confirmation view only: pull in the shared page header. The reset itself
// happens earlier in this file.
include("../includes/layouts/header.php");
?>
<div class="row">
	<div class="large-12 columns">
		<div class="panel">
			Password has been changed. Please <a href="log_in.php"> Log in </a>
		</div>
	</div>
</div>
<?php 
    if (get_failed_login_attempts_by_username($safe_username) > 3) {
        $time_left = username_throttle_time_left($safe_username, 10 * 60);
        if ($time_left > 0) {
            $wait_time = format_time_since_in_words($time_left);
            set_error_output("You have used too many login attempts. Please wait {$wait_time} and try again. ");
        }
    }
    $found_user = attempt_user_login($username, $password);
    // Test if there was a query error
    if ($found_user) {
        // Success
        // Mark user as logged in.
        $_SESSION["user_id"] = $found_user["id"];
        $_SESSION["username"] = $found_user["username"];
        update_last_login_date($found_user["id"]);
        redirect_to("index.php");
    } else {
        // Failure
        $safe_username = mysql_prep($username);
        add_failed_attempt($safe_username);
        // if more then 10 in the last 15 minutes, this will happen
        throttle_all_logins();
        // in last 15 minutes by default
        if (get_failed_login_attempts_by_username($safe_username) >= 3) {
            set_error_output("You have used too many login attempts. Please wait 10 minutes and try again.  ");
        }
        set_error_output("Username or password not found. ", "log_in.php");
    }
} else {
    // this is probably a get request
}
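// --- Avatar upload gate ---------------------------------------------------
// $uploadOk, $image_file_type and $target_file are prepared earlier in this
// file. Every rejection below clears $uploadOk and resets the avatar
// directory mode, mirroring the original branches (the earlier code
// presumably loosened the mode for the write — confirm above).
$max_upload_bytes   = 500000;
$allowed_extensions = ["jpg", "jpeg", "png", "gif"];
$allowed_mime_types = ["image/jpeg", "image/png", "image/gif"];

// Check file size (missing metadata reads as 0, as before but without the notice).
if (($_FILES["user_image"]["size"] ?? 0) > $max_upload_bytes) {
    chmod('images/avatars/', 0755);
    set_error_output("Sorry, your file is too large.");
    $uploadOk = 0;
}

// Allow certain file formats. The extension is client-controlled (a strict
// in_array replaces the four-way != chain), so the actual bytes are also
// sniffed with fileinfo: a renamed non-image must not pass as an image.
if (!in_array($image_file_type, $allowed_extensions, true)) {
    chmod('images/avatars/', 0755);
    set_error_output("Sorry, only JPG, JPEG, PNG & GIF files are allowed.");
    $uploadOk = 0;
} else {
    $tmp_name = $_FILES["user_image"]["tmp_name"] ?? '';
    // An absent/invalid temp file is left for move_uploaded_file() below to
    // reject, exactly as before; only a genuine upload is sniffed here.
    if ($tmp_name !== '' && is_uploaded_file($tmp_name)) {
        $detected_type = (new finfo(FILEINFO_MIME_TYPE))->file($tmp_name);
        if (!in_array($detected_type, $allowed_mime_types, true)) {
            chmod('images/avatars/', 0755);
            set_error_output("Sorry, only JPG, JPEG, PNG & GIF files are allowed.");
            $uploadOk = 0;
        }
    }
}

// Check if $uploadOk is set to 0 by an error; otherwise try to store the file.
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
} elseif (move_uploaded_file($_FILES["user_image"]["tmp_name"], $target_file)) {
    // $target_file is what gets recorded for the user; how it is derived from
    // the client filename is not visible here — confirm it is built from a
    // sanitised name/extension rather than the raw upload name.
    update_user_avatar($_SESSION["user_id"], $target_file);
    chmod('images/avatars/', 0755);
    show_message("The file " . basename($_FILES["user_image"]["name"]) . " has been uploaded.");
} else {
    chmod('images/avatars/', 0755);
    set_error_output("Sorry, there was an error uploading your file.");
}
?>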



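/**
 * Site-wide login throttle: slows every login attempt while the total number
 * of failed logins is high, independently of which username is being tried.
 *
 * Thresholds map "more than N failed attempts in total" to a delay value that
 * throttle_time_left() understands (its unit is not visible here — confirm
 * there). Thresholds are checked in ascending order; if several apply, which
 * message the user finally sees depends on whether set_error_output()
 * returns or halts, which is decided by that helper, not here.
 */
function check_throttle_all()
{
    // attempts => delay
    $throttle = [10 => 1, 20 => 2, 30 => 15];
    // Hoisted: the count is the same for every threshold, no need to re-query.
    $total_failed = get_total_failed_login_attempts();
    foreach ($throttle as $attempts => $delay) {
        if ($total_failed <= $attempts) {
            continue;
        }
        $time_left = throttle_time_left($delay);
        if ($time_left > 0) {
            $wait_time = format_time_since_in_words($time_left);
            // The message used to start with a stray apostrophe ("'Our servers…").
            set_error_output("Our servers are being overloaded. Please wait {$wait_time} and try again. ");
        }
    }
}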
        if (mysqli_num_rows($result) != 0) {
            set_error_output("That username has already been registered. Please select another.");
        }
    }
    // Create a unique  activation code:
    $activation = md5(uniqid(rand(), true));
    $query = "INSERT INTO users ( ";
    $query .= "username, password, email, activation ";
    $query .= ") VALUES ( ";
    $query .= " '{$username}', '{$password}', '{$email}', '{$activation}' ";
    $query .= " ) ";
    $result = mysqli_query($connection, $query);
    if ($result) {
        // Success
        init_user_avatar($username);
        // Send the email
        $body = " To activate your account, please click on this link:\n\n";
        $body .= WEBSITE_URL . '/activation.php?email=' . urlencode($email) . "&key={$activation}";
        $mailer = Swift_Mailer::newInstance($transport);
        $message = Swift_Message::newInstance('Registration Confirmation')->setFrom(array(EMAIL => 'Hotline to Hell Girl'))->setTo(array($email))->setBody($body);
        $result = $mailer->send($message);
        echo '<div class="panel">Thank you for registering! A confirmation email has been sent to ' . $email . ' Please click on the Activation Link to Activate your account </div>';
    } else {
        // Failure
        set_error_output("You could not be registered due to a system error. We apologize for any\n\t\t\t\t\tinconvenience.");
    }
}
?>

<?php
// Shared page footer for the site layout.
include("../includes/layouts/footer.php");
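<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";

// add_friend endpoint: the target user id arrives in the query string.
// The checks form one flat chain so that add_friend()/redirect_to() run only
// when every check passed, instead of unconditionally after the checks as
// before — that matters if set_error_output() ever returns to the caller.
// The target is also verified to exist, as the other user-id endpoints in
// this codebase do with check_existance_by_id().
// NOTE(review): this is a state-changing action on a plain GET with no
// request token; a POST with an anti-CSRF token would be the usual shape.
// NOTE(review): the two redirect targets below were corrupted in the listing
// and are reconstructed from the surrounding code — confirm against the file.
if (!isset($_SESSION["user_id"])) {
    set_error_output("Please log in to add friend. ", "log_in.php");
} elseif (!isset($_GET["user"])) {
    set_error_output("Invalid friend. ", "index.php");
} elseif ($_SESSION["user_id"] == $_GET["user"]) {
    // Loose == kept: the session id and the query value may not share a type.
    set_error_output("Cannot add yourself to your own friends list. ", "index.php");
} elseif (!check_existance_by_id("users", "id", $_GET["user"])) {
    set_error_output("User does not exist. ", "index.php");
} elseif (already_friend($_SESSION["user_id"], $_GET["user"])) {
    set_error_output("That user is already on your friends list. ", "user.php?user=" . urlencode($_GET["user"]));
} else {
    add_friend($_SESSION["user_id"], $_GET["user"]);
    redirect_to("user.php?user=" . $_SESSION["user_id"]);
}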
    if (!isset($_GET["user"])) {
        set_error_output("Favorite deletion failed. User not selected.", "index.php");
    } else {
        if ($_SESSION["user_id"] != $_GET["user"]) {
            set_error_output("Favorite deletion failed. ", "index.php");
        } else {
            if (!isset($_GET["episode"])) {
                set_error_output("Favorite deletion failed. Episode not selected. ", "search.php?epname=");
            } else {
                if (!check_existance_by_id("episodes", "EpID", $_GET["episode"])) {
                    set_error_output("Episode does not exist.", "search.php?epname=");
                } else {
                    if (!check_existance_by_id("users", "id", $_GET["user"])) {
                        set_error_output("User does not exist. ", "index.php");
                    } else {
                        if (!already_favorite($_GET["user"], $_GET["episode"])) {
                            set_error_output("You never favorited that", "video.php?e=" . urlencode($_GET["episode"]));
                        }
                    }
                }
            }
        }
    }
}
// Perform the deletion the checks above allowed. A false return is treated as
// a database failure and reported back on the episode's page.
$deleted = delete_favorite($_GET["user"], $_GET["episode"]);
if (!$deleted) {
    $back_to = "video.php?e=" . urlencode($_GET["episode"]);
    set_error_output("Favorite deletion failed. Database error.", $back_to);
}
?>

Favorite:<i class="fi-like" id="video_info_panel_favorite_icon"></i>
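<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";

// Profile page: load the user named in the query string and remember whether
// the viewer is looking at their own profile.
// $users_profile is initialised up front so the markup below never meets an
// undefined variable on the error paths (whether set_error_output() halts the
// script is not visible here).
$users_profile = false;
if (!isset($_GET["user"])) {
    set_error_output("No user selected");
} else {
    $user = find_user_by_id($_GET["user"]);
    if (!$user) {
        set_error_output("User not found. ");
    } else {
        // Loose == kept on purpose: the id from the database row and the
        // session value may not share a type. A missing session entry (viewer
        // not logged in) reads as null instead of raising a warning; the
        // comparison result is the same as before.
        $users_profile = $user["id"] == ($_SESSION["user_id"] ?? null);
    }
}
include "../includes/layouts/header.php";
?>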
<div class="row">
	
	<div class="large-4 columns">
		<div class="panel">
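			<h2><?php
// The username comes from the users table and originates from the
// registration form, so it is escaped for the HTML text context rather than
// echoed raw.
echo htmlspecialchars((string) $user["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>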
</h2>
			<img src="<?php 
echo get_user_avatar($user["id"])["file_path"];
        set_error_output("Favorite failed. User not selected.", "video.php?e=" . urlencode($_GET["episode"]));
    } else {
        if ($_SESSION["user_id"] != $_GET["user"]) {
            set_error_output("Favorite failed. ", "video.php?e=" . urlencode($_GET["episode"]));
        } else {
            if (!isset($_GET["episode"])) {
                set_error_output("Favorite failed. Episode not selected. ", "search.php?epname=+");
            } else {
                if (!check_existance_by_id("episodes", "EpID", $_GET["episode"])) {
                    set_error_output("Episode does not exist.", "search.php?epname=+");
                } else {
                    if (!check_existance_by_id("users", "id", $_GET["user"])) {
                        set_error_output("User does not exist. ", "video.php?e=" . urlencode($_GET["episode"]));
                    } else {
                        if (already_favorite($_GET["user"], $_GET["episode"])) {
                            set_error_output("You have already favorited that", "video.php?e=" . urlencode($_GET["episode"]));
                        }
                    }
                }
            }
        }
    }
}
// Perform the insert the checks above allowed.
// NOTE(review): the return value is not inspected, so the comment below is
// not actually established here — the delete path elsewhere checks its
// helper's result and reports a database error; the same would fit here if
// add_favorite() signals failure through its return value (confirm).
add_favorite($_GET["user"], $_GET["episode"]);
// now that we know it was added, we can now output the html to replace the other.
?>
<!--span data-user-id="<?php 
/*
	if (isset($_SESSION["user_id"])) {
		echo $_SESSION["user_id"];
	} else {
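<?php

require_once "../includes/session.php";
require_once "../includes/db_connection.php";
require_once "../includes/functions.php";

// The header is emitted before the lookup, so any error reported below lands
// in an already-started page.
include "../includes/layouts/header.php";

// Episode page: resolve the episode named by ?e=. $episode is initialised
// first so the template below never touches an undefined variable when a
// check fails and set_error_output() returns instead of halting.
$episode = null;
if (!isset($_GET["e"])) {
    set_error_output("No episode selected. ");
} else {
    $episode = get_episode_by_id($_GET["e"]);
    // Loose == null is kept: it also catches a false/empty return from the helper.
    if ($episode == null) {
        set_error_output("Episode not found. ");
    }
}
?>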
	
	<div class="row">
		
		<div class="large-9 medium-9 columns">
			<div class="panel">
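			<h3><?php
// Escaped for the HTML text context: the title comes from the database, and
// a literal '&' or '<' in it would otherwise break the markup or inject into it.
echo htmlspecialchars((string) $episode["EpName"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>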
</h3>
	     <!-- going to have to replace these query strings in my php -->
		<!--iframe src="http://videowing.me/embed/85ef0549e876ca9759874370ffc7f133?w=718&amp;h=438" scrolling="no" width="718" height="438" marginheight="0" marginwidth="0" frameborder="0"></iframe-->		
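        <iframe src="<?php
// Attribute context: the stored link is escaped so a '"' or '&' cannot end the
// attribute early (the '&amp;' in the commented-out example above is what a
// correctly escaped query string looks like in HTML). Which origins may be
// embedded is not restricted here; a host allow-list would be the place for that.
echo htmlspecialchars((string) $episode["VidLink"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>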
" 
		scrolling="no" width="680" height="438" marginheight="0" marginwidth="0" frameborder="0"></iframe>